Share this:

ACCESS DENIED: There are too many passwords to remember, a new report from Google says, sowe need to look at others means to log on to devices, including jewelry. Photo: Getty Images

(
)

In the future, the safest password might just be no password at all, but a locket or watch that you wear.

That is, if Google’s goal of finding more secure and convenient alternatives to passwords goes as planned.

But will the company’s 500 million Google+ subscribers who have adopted its existing two-step verification password method adapt to no password at all?

Reportedly, the company is working with Yubico to develop a cryptography that, via one tap, would log users into their Google accounts — no password necessary.

The project currently is exploring use of USB-like hardware that would plug into a computer and, with a single tap, communicate one’s passwords, granting one access to his or her accounts.

But that is hardly a cure-all. As Ant Allan, research VP of ITL security, risk, privacy & compliance at Gartner, points out, “Authentication tokens have been established as a norm for strong authentication for years, [but] the limitation at the moment is that they are USB tokens.”

Google is aware that requiring consumers to carry around tokens could be a critical hindrance to successful adoption rates, so it is looking beyond even that.

The crux of the problem is that having to remember a token becomes just as burdensome as having to remember many passwords.

As a result, Google aims to replace both passwords and tokens with smartphones or jewelry — both items that consumers already have with them.

“We’d like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations [in] which your phone might be without cellular connectivity,” says a recent report released by Google Vice President of Security Eric Grosse and engineer Mayank Upadhyay.